How can I define different policies for groups?

MetaAccess allows IT/Security administrators to define different security level for different groups. Administrators have flexibility in terms of customizing security policies for different audiences to ensure that groups with different needs or risk scores have different levels of access rights

1. How do I create a new policy?

  1. Log into the MetaAccess console

  2. Navigate to the Policies in the left navigation

  3. Click on the CREATE NEW POLICY button

    images/download/attachments/29935832/create_policy.PNG

  4. Fill in the Policy Name and Description (optional) in Step 1

  5. Click the DEFINE DEVICE ISSUES button

  6. In Step 2, you can define how to consider an issue on devices for vulnerabilities, device compliance check (installed anti-malware, antiphishing, disk backup, operating system, encryption applications and firewall), Infections, unwanted applications, custom. You can select the device types (Desktops, laptops, Virtual Machines and Servers) these rules are applied to as well as by Operating System type (Windows, macOS, Linux, Android, and iOS)

    images/download/attachments/29935832/new_policy.PNG
  7. Click the DEFINE DEVICE STATUS button

  8. In step 3, Add/Remove device status rules to define a device status (compliant or non compliant) based on compliance security issues and other conditions. Note that you cannot delete the default rule in this step. It's a fallback rule in case a device doesn't meet any rules you define.

    images/download/attachments/29935832/status.PNG
  9. Hit CREATE button.

Notes:

  • MetaAccess processes rules by ordered. If a device meets a rule (must to meet all conditions defined in that rule), it will get device status in that rule.

For example: a policy has 3 rules below:

images/download/attachments/29935832/threerules.PNG

Case 1: my device reported with no issues and has not checked in 3 hours.

Device status: the device is considered as non-compliant with Rule #1

Case 2: my device reported with no issue 5 minutes ago

Device status: the device is considered as non-compliant with Rule #2

2. How do I update a policy?

  1. Log into MetaAccess console

  2. Navigate to Policies

  3. Go to policy details of a policy you want to update

  4. Click on the step number on the right-top corner to go to a step you want to update.

  5. Click SAVE button at the button and confirm your PIN to save changes

3. How do I apply a policy to a group?

  1. Log into the MetaAccess console

  2. Navigate to Inventory > Groups

  3. Go to the group that you want to change policy

  4. Click on Change

    images/download/attachments/29935832/group1.PNG

images/download/attachments/29935832/group2.PNG

5. Confirm your change with your PIN. Note that MetaAccess will re-assess device status for devices in the group with the new policy

This article applies to MetaAccess product.
This article was last updated on 2017-09-29.
TT